CVE-2024-0406
Published: 06 April 2024
Summary
CVE-2024-0406 is a medium-severity Path Traversal (CWE-22) vulnerability in Mholt Archiver. Its CVSS base score is 6.1 (Medium).
Operationally, it ranks in the top 4.1% of CVEs by exploit likelihood (EPSS); it is not currently listed in the CISA KEV catalog.
Deeper analysis
CVE-2024-0406 is a path traversal flaw (CWE-22) in the mholt/archiver package. A specially crafted tar archive can cause the library to access or write files outside the intended extraction directory while unpacking, allowing files to be created or overwritten with the privileges of the user or application performing the extraction. The issue carries a CVSS 3.1 base score of 6.1: the attack vector is local (the archive has to be delivered to and unpacked on the target), attack complexity is low, and user interaction is required.
An attacker who can get a malicious tar file to a victim process can exploit the flaw to write files at paths of their choosing, subject only to the extracting user's filesystem permissions. Exploitation requires the target to unpack the archive with an affected version of the library. The flaw does not by itself grant remote code execution or privileges beyond those of the extracting user; as with any arbitrary file write, the real impact depends on what that user is allowed to overwrite.
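As an added illustration of the weakness class (this is example code written for this page, not code from mholt/archiver and not a reproduction of the library's affected logic), the Go program below builds a small tar archive in memory that contains a constructed traversal entry, then extracts it with the pathname check a hardened extractor performs before touching the filesystem: every entry name, and every symlink target, must resolve inside the destination directory. The names SafeJoin, ExtractTar, BuildTar, Entry and ErrTraversal, and the sample entries, are assumptions made for the example.

```go
package main

import (
	"archive/tar"
	"bytes"
	"errors"
	"fmt"
	"io"
	"os"
	"path/filepath"
	"strings"
)

// ErrTraversal marks an entry that would resolve outside the extraction directory.
var ErrTraversal = errors.New("tar entry escapes extraction directory")

// SafeJoin resolves an archive entry name against dest and rejects it unless the
// cleaned result stays inside dest. Backslashes are normalised first so that a
// Windows-style "..\" cannot slip past filepath.Clean on a Unix host.
func SafeJoin(dest, name string) (string, error) {
	absDest, err := filepath.Abs(dest)
	if err != nil {
		return "", err
	}
	name = strings.ReplaceAll(name, "\\", "/")
	if strings.HasPrefix(name, "/") || filepath.IsAbs(name) {
		return "", fmt.Errorf("%w: absolute name %q", ErrTraversal, name)
	}
	target := filepath.Join(absDest, filepath.FromSlash(name)) // Join cleans "a/../../x"
	rel, err := filepath.Rel(absDest, target)
	if err != nil || rel == ".." || strings.HasPrefix(rel, ".."+string(filepath.Separator)) {
		return "", fmt.Errorf("%w: %q resolves to %q", ErrTraversal, name, target)
	}
	return target, nil
}

// ExtractTar unpacks files, directories and symlinks from r into dest, checking
// every name (and every symlink target) before touching the filesystem. It
// returns the paths written so far and stops at the first offending entry.
func ExtractTar(r io.Reader, dest string) ([]string, error) {
	tr := tar.NewReader(r)
	var written []string
	for {
		hdr, err := tr.Next()
		if errors.Is(err, io.EOF) {
			return written, nil
		}
		if err != nil {
			return written, err
		}
		target, err := SafeJoin(dest, hdr.Name) // reject before creating anything
		if err != nil {
			return written, err
		}
		if err = os.MkdirAll(filepath.Dir(target), 0o755); err != nil {
			return written, err
		}
		switch hdr.Typeflag {
		case tar.TypeDir:
			err = os.MkdirAll(target, 0o755)
		case tar.TypeReg:
			var data []byte // a production extractor streams instead of buffering
			if data, err = io.ReadAll(tr); err == nil {
				err = os.WriteFile(target, data, 0o644)
			}
		case tar.TypeSymlink:
			link := hdr.Linkname // relative targets resolve from the link's own directory
			if !strings.HasPrefix(link, "/") && !filepath.IsAbs(link) {
				link = filepath.Join(filepath.Dir(hdr.Name), link)
			}
			if _, err = SafeJoin(dest, link); err == nil { // target must stay inside dest too
				err = os.Symlink(hdr.Linkname, target)
			}
		default:
			continue // hard links, devices, etc. are skipped in this example
		}
		if err != nil {
			return written, err
		}
		written = append(written, target)
	}
}

// Entry describes one member of the constructed sample archive (zero Typeflag = regular file).
type Entry struct {
	Name, Linkname, Body string
	Typeflag             byte
}

// BuildTar writes the entries to an in-memory tar stream exactly as given: archive/tar
// stores a "../" name verbatim, so rejecting it is entirely the extractor's job.
func BuildTar(entries []Entry) []byte {
	var buf bytes.Buffer
	tw := tar.NewWriter(&buf)
	for _, e := range entries {
		hdr := &tar.Header{Name: e.Name, Linkname: e.Linkname, Typeflag: e.Typeflag,
			Mode: 0o644, Size: int64(len(e.Body))}
		if hdr.Typeflag == 0 {
			hdr.Typeflag = tar.TypeReg
		}
		if err := tw.WriteHeader(hdr); err != nil {
			panic(err)
		}
		tw.Write([]byte(e.Body)) // Size matches len(Body), so only Close can fail
	}
	if err := tw.Close(); err != nil {
		panic(err)
	}
	return buf.Bytes()
}

func main() {
	dest, err := os.MkdirTemp("", "extract-")
	if err != nil {
		panic(err)
	}
	defer os.RemoveAll(dest)
	// Constructed sample: a benign file, then an entry that climbs out of dest.
	archive := BuildTar([]Entry{
		{Name: "docs/readme.txt", Body: "hello\n"},
		{Name: "../../escape.txt", Body: "must never be written\n"},
	})
	written, err := ExtractTar(bytesNewReader(archive), dest)
	fmt.Println("written:", written, "stopped with:", err)
}

// bytesNewReader is a tiny alias kept so main reads naturally alongside the tests.
func bytesNewReader(b []byte) io.Reader { return bytes.NewReader(b) }
```

The check deliberately fails closed and stops the extraction rather than skipping the bad entry, because a partially written tree with a silently dropped member is easy to miss in logs. Two points are worth keeping when porting this: the destination is resolved once with filepath.Abs and every entry is compared against that same value, and symlink targets get the same treatment as names, since a link that points outside the destination turns every later entry written through it into an escape.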
Red Hat has published security advisories and errata, including RHSA-2025:2449, that reference this CVE for affected products. The current EPSS score is 0.2206, with no material change from its recorded peak.
EU & UK References
- 🇪🇺 ENISA EUVD: EUVD-2024-1299
Vulnerability details
A flaw was discovered in the mholt/archiver package. This flaw allows an attacker to create a specially crafted tar file, which, when unpacked, may allow access to restricted files or directories. This issue can allow the creation or overwriting of files with the user's or application's privileges using the library.
- CWE(s): CWE-22 (Improper Limitation of a Pathname to a Restricted Directory, 'Path Traversal')
Related Threats
No named actor attribution yet. ATT&CK technique mapping in progress for this CVE.
Affected Assets
Mitigating Controls
Likely Mitigating Controls
Per-CVE control mapping for this CVE has not run yet; the list below is derived from the weakness types (CWEs) cited in the NVD entry.
- Validates pathnames and filenames to prevent traversal outside intended directories (CWE-22).